mod_captcha

mod_captcha

am 26.06.2008 02:19:47 von Aaron Collins

Hello,
I'm trying to write a perl based mod_captcha using the recaptcha
service, I was wondering is someone could tell me which handler I should
use that would allow me to have mod_perl intercept a request going to a
specific location and if it i return true continue with the request. In
my case I use ProxyPass to pass request to java. So I'd want to have my
handler jump in give a captcha and when the captcha is approved continue
forwarding it on to the proxypass. If my understanding of mod_perl is
incorrect please let me know if their is a better logic to approach this.

--
-Aaron Collins
Systems Engineer/ Release Engineer
Hawaii Information Consortium
220 S. King St. Suite 2190
Honolulu, Hawaii 96813
Cell: 808.203.8756
Office: 808.587.4213

************************************************************
CONFIDENTIALITY NOTICE:
This email and any attachments are confidential. If you
are not the intended recipient, you do not have permission
to disclose, copy, distribute, or open any attachments. If
you have received this email in error, please notify us
immediately by returning it to the sender and delete this
copy from your system.
************************************************************

Re: mod_captcha

am 26.06.2008 02:36:45 von Adam Prime

Quoting Aaron Collins :
> Hello,
> I'm trying to write a perl based mod_captcha using the recaptcha
> service, I was wondering is someone could tell me which handler I
> should use that would allow me to have mod_perl intercept a request
> going to a specific location and if it i return true continue with the
> request. In my case I use ProxyPass to pass request to java. So I'd
> want to have my handler jump in give a captcha and when the captcha is
> approved continue forwarding it on to the proxypass. If my
> understanding of mod_perl is incorrect please let me know if their is a
> better logic to approach this.

I'd use a PerlAccessHandler to achieve what you're describing. That's
assuming that you want to have a page that is totally distinct from
your java based page that you're restricting access to.

Adam

Re: mod_captcha

am 26.06.2008 20:13:38 von Perrin Harkins

On Wed, Jun 25, 2008 at 8:19 PM, Aaron Collins wrote:
> I'm trying to write a perl based mod_captcha using the recaptcha service, I
> was wondering is someone could tell me which handler I should use that would
> allow me to have mod_perl intercept a request going to a specific location
> and if it i return true continue with the request. In my case I use
> ProxyPass to pass request to java. So I'd want to have my handler jump in
> give a captcha and when the captcha is approved continue forwarding it on to
> the proxypass. If my understanding of mod_perl is incorrect please let me
> know if their is a better logic to approach this.

You can't do all that within a single HTTP request. What you need to
do is check if the person is authorized already (usually through a
cookie), and if not, redirect them to your captcha application. When
they pass the captcha, you give them a cookie that identifies them,
and that cookie allows them in to the protected area.

Rather than write this all yourself, I suggest you subclass Apache::AuthTicket.

- Perrin


>
> --
> -Aaron Collins
> Systems Engineer/ Release Engineer
> Hawaii Information Consortium
> 220 S. King St. Suite 2190
> Honolulu, Hawaii 96813
> Cell: 808.203.8756
> Office: 808.587.4213
>
> ************************************************************
> CONFIDENTIALITY NOTICE:
> This email and any attachments are confidential. If you
> are not the intended recipient, you do not have permission
> to disclose, copy, distribute, or open any attachments. If
> you have received this email in error, please notify us
> immediately by returning it to the sender and delete this
> copy from your system.
> ************************************************************
>
>

Re: mod_captcha

am 05.07.2008 23:36:59 von Aaron Collins

Perrin Harkins wrote:
> On Wed, Jun 25, 2008 at 8:19 PM, Aaron Collins wrote:
>
>> I'm trying to write a perl based mod_captcha using the recaptcha service, I
>> was wondering is someone could tell me which handler I should use that would
>> allow me to have mod_perl intercept a request going to a specific location
>> and if it i return true continue with the request. In my case I use
>> ProxyPass to pass request to java. So I'd want to have my handler jump in
>> give a captcha and when the captcha is approved continue forwarding it on to
>> the proxypass. If my understanding of mod_perl is incorrect please let me
>> know if their is a better logic to approach this.
>>
>
> You can't do all that within a single HTTP request. What you need to
> do is check if the person is authorized already (usually through a
> cookie), and if not, redirect them to your captcha application. When
> they pass the captcha, you give them a cookie that identifies them,
> and that cookie allows them in to the protected area.
>
> Rather than write this all yourself, I suggest you subclass Apache::AuthTicket.
>
> - Perrin
>
>
>
Hey Perrin,
Thanks for you recommendation on the mod_captcha idea.
I completed my module and it came out great. I've got an example
running at http://sandbox.ehawaii.gov/lilo I'm pushing this up to CPAN
soon, until then if anyone would like a copy of this project let me
know. It has template support so you give it your own sites look and feel.

After you do a captcha it assigns you a cookie that last for 15 minutes
(you can go longer or shorter). So you can use the site over and over
or any other app on the site for that matter until the cookie expires
and you must complete another captcha.

--
-Aaron Collins
Systems Engineer/ Release Engineer
Hawaii Information Consortium
220 S. King St. Suite 2190
Honolulu, Hawaii 96813
Cell: 808.203.8756
Office: 808.587.4213

************************************************************
CONFIDENTIALITY NOTICE:
This email and any attachments are confidential. If you
are not the intended recipient, you do not have permission
to disclose, copy, distribute, or open any attachments. If
you have received this email in error, please notify us
immediately by returning it to the sender and delete this
copy from your system.
************************************************************

Re: mod_captcha

am 05.07.2008 23:37:34 von Aaron Collins

Perrin Harkins wrote:
> On Wed, Jun 25, 2008 at 8:19 PM, Aaron Collins wrote:
>
>> I'm trying to write a perl based mod_captcha using the recaptcha service, I
>> was wondering is someone could tell me which handler I should use that would
>> allow me to have mod_perl intercept a request going to a specific location
>> and if it i return true continue with the request. In my case I use
>> ProxyPass to pass request to java. So I'd want to have my handler jump in
>> give a captcha and when the captcha is approved continue forwarding it on to
>> the proxypass. If my understanding of mod_perl is incorrect please let me
>> know if their is a better logic to approach this.
>>
>
> You can't do all that within a single HTTP request. What you need to
> do is check if the person is authorized already (usually through a
> cookie), and if not, redirect them to your captcha application. When
> they pass the captcha, you give them a cookie that identifies them,
> and that cookie allows them in to the protected area.
>
> Rather than write this all yourself, I suggest you subclass Apache::AuthTicket.
>
> - Perrin
>
>
>
Hey Perrin,
Thanks for you recommendation on the mod_captcha idea.
I completed my module and it came out great. I've got an example
running at http://sandbox.ehawaii.gov/lilo I'm pushing this up to CPAN
soon, until then if anyone would like a copy of this project let me
know. It has template support so you give it your own sites look and feel.

After you do a captcha it assigns you a cookie that last for 15 minutes
(you can go longer or shorter). So you can use the site over and over
or any other app on the site for that matter until the cookie expires
and you must complete another captcha.

--
-Aaron Collins
Systems Engineer/ Release Engineer
Hawaii Information Consortium
220 S. King St. Suite 2190
Honolulu, Hawaii 96813
Cell: 808.203.8756
Office: 808.587.4213

************************************************************
CONFIDENTIALITY NOTICE:
This email and any attachments are confidential. If you
are not the intended recipient, you do not have permission
to disclose, copy, distribute, or open any attachments. If
you have received this email in error, please notify us
immediately by returning it to the sender and delete this
copy from your system.
************************************************************